117400cce2d25ba59019b7d1b7283ba18994ddf2411140b924dde02d45c5fdde | Triage

Sharing

General

Target

NFS3.iso
Size

581.1MB
Sample

250328-xszzzs1rz4
MD5

7772d0ca525b2a0e70f566a0f7ae409b
SHA1

b41fea71442c278a631339788064c35a51583e19
SHA256

117400cce2d25ba59019b7d1b7283ba18994ddf2411140b924dde02d45c5fdde
SHA512

21115aa4f7b268ab3398454e1dbc61558ccce702fd3ba0e39419417c95c6a4ff9cd5fc3161a0f77dbf36016aaecace6ab9b9de2bd46002206ae4de5a7e707602
SSDEEP

12582912:4P2ER+6lsrg93mkJkgoRp0ARaiTDu22H7r25+DoGiQS8:4eKsr43Dkgkp0AOP7o+DoGiQS8

Score

6^/10

discovery link pdf

Malware Config

Targets

- Target
  
  redist/directx5/dsetup32.dll
- Size
  
  41KB
- MD5
  
  3d98c98e3a859bb26aca297b6fff3cde
- SHA1
  
  e3c0fc9afd704e22e12e5698ec076d634895b0fa
- SHA256
  
  cdfeaf5ff77f4f0fa7460614e4fa6e74ab201694570f92fd7c20d3b155093895
- SHA512
  
  adda54154a5c165d62bf76a1deced663abed061ffe58137a9dd47dca0fe49db9e6766806f88841c87806427c15dfdf24e3440474b8712415c0922a8baff19888
- SSDEEP
  
  768:CXIWGknr/2BPOCPEG4RMKHSzdwnuJvkQrz:CX5Gcr+5XKAwnuJMQr
Score

6^/10

discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2
- Target
  
  setup/3dfx/_isdel.exe
- Size
  
  8KB
- MD5
  
  c3200e3277aef0e5d150d797aa62d55f
- SHA1
  
  fe96bd82d167f50cb8cd9c9a32d72b77f45f8002
- SHA256
  
  b526045cdf964674851fe70b54c1b486a78647be1aecb66bccc61d0a56eba183
- SHA512
  
  3af74aa02c76eb63d2ad3cca252e54496e4a32397b21cd99c017b79d486e0eeaee17c179946d41ee3be1f6582b9a67828294024dd0e218dd619271354171bf79
- SSDEEP
  
  96:WsBvbizZ2TbMJmwHB3QTatXvpZUHeFryhXt76W1GdXMm9DQcSCanLrPa:ziV2fMITAXvMIyhXtOvdcYK7Pa
Score

1^/10
behavioral3 behavioral4
- Target
  
  setup/3dfx/_setup.dll
- Size
  
  5KB
- MD5
  
  e4b21dd2eeca30224b985a26d7043359
- SHA1
  
  23e693b13c1ab6cf244ad460062bd44b38579d21
- SHA256
  
  5db08c1d790fbb73331c76d13d83d42fcb8e9c343f2f1c9139704555e31ebc9c
- SHA512
  
  824263de1643c44bbde492652edd043baf9a1d75cab59742a9a65418c7d78a611d3a393f58d86ba5701880d88bb402a7bb21af4b8814a9e5ecd7b99987c6980f
- SSDEEP
  
  96:GB5kN+NdX5PjCbezbvn9zpvtwM0HWwCaNVgrgWtRpE9fhRMJzrsTMl6IJMl6u:JSpV9Xb0HWwDkIIvu
Score

1^/10
behavioral5 behavioral6
- Target
  
  setup/3dfx/glide/drivers/voodoo/ntsys/genport.sys
- Size
  
  4KB
- MD5
  
  eddb7d3b76cdd82d17b6c6f5a5b0dfd4
- SHA1
  
  65fb39241118b99695bfab6498cb358a935e001b
- SHA256
  
  a6155584985e8b9deb0243eb6b17717fdedf004ab83e962bdcc42a785ec3f332
- SHA512
  
  0984b5f55bbf2da9d139e860c076ac0cc3e84d6c0fedbd8dd0331323d743bfa50a147daa1991071e191e3e8ae289b25bd600cd4bb08c4cb8288426b3e4c108b5
- SSDEEP
  
  96:FvhmhyAdhBAiop6rWudqIHnGud/D/P1A7MEF+:bmhBdhGNRwLu0
Score

1^/10
behavioral7 behavioral8
- Target
  
  setup/3dfx/glide/drivers/voodoo/ntsys/mapmem.sys
- Size
  
  6KB
- MD5
  
  f67c50b52be3c64016410ac77f3f727a
- SHA1
  
  25d59c42459cd88bab0829416e808033e8ef6786
- SHA256
  
  341e0b607aa9a76b5c2d16ee92a10e9ef1b520057d6c9083770ee226b07a9655
- SHA512
  
  1df37fa21a62d6cf32b8a53f646fd9d783d34a679a8eba5b5335fad576ac61388613b4c724a08b288ef189baa700e1041f9ca9281c22a2475c5274a3f8e2ab14
- SSDEEP
  
  96:U+eLZojZASsArNG/EZ8nr1WWJdFaPUvndYuS6q64xsEDPVMoo5urFw3Anh:biojZASZrNGZxRr2OJ47o
Score

1^/10
behavioral10 behavioral9
- Target
  
  setup/3dfx/glide/drivers/voodoo/ntsys/ntremap.sys
- Size
  
  6KB
- MD5
  
  af2457166f5d3649e3a99974a6a1d83a
- SHA1
  
  8f22b7251403eef2ccdf3f0d8b2e7fee726fb4c5
- SHA256
  
  07b7d48e074322664b74f3b92c97abf00dde27cec50d5e3bda6b2d77e76a96c8
- SHA512
  
  31c8ce7fc245043a0ceaa0e977404de1608a9379fa905a8146c3d7702fd3a507eb346bd478a16b44245c943dacbd626c538004a3bd9a36d3902b5670a3a752d0
- SSDEEP
  
  96:1oXBzrv0AYOojNICNLr1BCWIdqnz5TKFdo8AvEtKJRUMRq3T5RvXFq7+1Mn8:1oXBzDZt+7zrt7RvEQRq3TH
Score

1^/10
behavioral11 behavioral12
- Target
  
  setup/3dfx/glide/drivers/voodoo/win95/glide2x.dll
- Size
  
  384KB
- MD5
  
  1dcb1619485ddf9f0c45e94c566d606e
- SHA1
  
  cbf5891a61c35d95fd98a6439984049b0eeb146f
- SHA256
  
  e7e7a70d3861bdb469c9aa07ea08331a8e7e2661d96fc20133be4e7de440fe9e
- SHA512
  
  63eb95930b8810a10c12d77ad74ebdb963a59ca2a4d1fc36b6f8f4d29b89bbe24f954d178f2eb01cd58a1d053be2a997984126f8afd6a1e1bd51d8d1a22eb3e3
- SSDEEP
  
  6144:8NXoMryfwHXq49a+9z6fYNLaxR5CBqRMTcum6GAb:8VoM2fb4g+RsXCBgMTcumgb
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  setup/3dfx/glide/drivers/voodoo/winnt/glide2x.dll
- Size
  
  384KB
- MD5
  
  4d74cb07f38ae40f48ea02cfa1b58a0e
- SHA1
  
  10a4558bd591b6e62c5e25556414b58c3f6f3664
- SHA256
  
  b071769734ea0580eb26884c2f9c64178cbcac733c94322393bc8a9b3d09a438
- SHA512
  
  befed2aada9710134974bd82a35e22017adaec321886c6e040737e894e1c34b47029c786dab99ce095f3c5047f89f1b1f5e2c563236c5c69a72243403e62c384
- SSDEEP
  
  6144:dyXYOkmeOjietdY2aob6fYNLaxR5CoqRMTcum69Fs7:d6YOTLd9awsXCogMTcum8s7
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  setup/3dfx/glide/drivers/vrush/win95/glide2x.dll
- Size
  
  428KB
- MD5
  
  b3891570f109c6d7d2ed54ba3f01eecb
- SHA1
  
  6b1ac8f7a857e578614f0311c3ce0cd62b1b400a
- SHA256
  
  586fa23313427bd557b708ac7a274a9d81191d5202dd7c003a098522ddea7648
- SHA512
  
  b6146b1f6ecff2ff7cc034b1d0262878e722ded622a40e071a88ae5b240aa348b6d624b8584ba996fdf4fbcf1d0dbd81848a51c086a2a748e8be673b43abc43c
- SSDEEP
  
  6144:dZXeGHkACEmyjzroPtAmlVcx6fYNBalR5ChqRMTcum6xM:dheGHkACEmiol1mxCXChgMTcumX
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  setup/3dfx/is95/shell.dll
- Size
  
  69KB
- MD5
  
  4c17da5fbb4321069112e286d1036796
- SHA1
  
  f3029d38bc4831c2ddaeef40e6174b2a5fefc6d5
- SHA256
  
  d498ac4ceb0f494b912d2bd7bad8cce07a11618797bb55b2b5cabe8e6cf7c772
- SHA512
  
  ae58ebac941f82f004dda972289147a650d2a4625302071e40170f8d6fe134f5503037805e0fda8d5e49993da04088e7b2140a6391f2be4f379d6d45232d7b7d
- SSDEEP
  
  1536:c775KiME1KItYABFS16qrtwrlS8cv2uok6ApZCK:cnvMZItYAqAqRwBTcuuJ6ApZCK
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  setup/3dfx/isnt/shell.dll
- Size
  
  65KB
- MD5
  
  33bb71935330bce0caa9404d0d397482
- SHA1
  
  ab5da592af6258d0b26aecb0767a56f3195afa6b
- SHA256
  
  70df8b8fd6596d3b60b2fec17477d5225b4b71b39ca56a7a90508dc00aed2271
- SHA512
  
  2b070de295ed487c597e17c649f78c0849070058c1637a3708f8c68df1efc5680272ab6ec9083811648e3f5a95efab0ed999bd30e45da58368cb3b14cc56878b
- SSDEEP
  
  1536:/Hlk69OS5gquMfVA6qrtwrlS8cv2uok6ttZLnIJ:/CPSLuMfVqRwBTcuuJ6ttZLny
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  setup/3dfx/setup.exe
- Size
  
  43KB
- MD5
  
  d4759496201ea3bcea216f43f0aa4cbe
- SHA1
  
  e65008798a30b8edeaed9a013a99a446a106026b
- SHA256
  
  31f32ee2a78aa13935e577fec5990377cb5525a9a7ca088e65b502cfede2c018
- SHA512
  
  e7829ff882502dce7664d94ce7244a9a5aa316acce1e091b79c063d4ec51255f01767b39c25aac746c20af237904d084c735c87adfc0fcc88ab622b595bb3776
- SSDEEP
  
  768:t8sgPlzQ7KW6gGEg2AKEc/cvqzqyyMLYYZDwjTJDp1J:elc7VxGEgiE0cvMHyst6TJD/
Score

1^/10
behavioral23 behavioral24
- Target
  
  setup/3dfx/uninst.exe
- Size
  
  291KB
- MD5
  
  9611663f2c512d11e076684a5f435abd
- SHA1
  
  c6ffa4b2ea13246320e537222b233df7455ac8f7
- SHA256
  
  82cce1c91d57422c42ca70661af3648a705e6094ecc33f34d7e8488eca23a1f7
- SHA512
  
  fb464e78c0dc3f6763449c66b5f9869b84a31135e65f9ffb34721c0b5878b6a38819108a5c0e237e61a1c3d95ba87a35b958652d49929c75e73dae33bb65d47d
- SSDEEP
  
  3072:ovk3GWlL8N2iF10MJa4jhFXb9g21W0xKYYGG6JP8eZmTbWnsh6vHlcc2JYo0XJE+:oglL88kb7xKktshqlRfJJLVHyRUdNj
Score

4^/10

discovery
behavioral25 behavioral26
- Target
  
  setup/3dsetup/3ddata.exe
- Size
  
  60KB
- MD5
  
  dcbef85a2c9b59c37389a09a32d281d9
- SHA1
  
  7e637d33cd095a160a1a0a1a6d602b64436149ee
- SHA256
  
  ef3316f8ce637fe3e814867c0629c019753acf07c3bf19e929b80d751b3ad764
- SHA512
  
  5295d1a7d8e593cf4e895f74663f22810c492ebd7cc389a0b7827705a8c1d9356da4fe279ac245dbed3256445a0c4fe3f75f2683df58ffab9a87ddb82a3fc974
- SSDEEP
  
  1536:iLImix0JYgfwEMNAeZsEha5Xt0FxDlgOBR:YixofJYfPhaQF3ggR
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  setup/3dsetup/3dsetup.exe
- Size
  
  269KB
- MD5
  
  5499bfef805c8b4ca5f7f9fc83e735cd
- SHA1
  
  52a548a087f61b39edb3522201359af3d1c9a9b6
- SHA256
  
  85b398c6b3e5d0ae1eb3f2abcb3a20f9793487edda021d6835933430271df0bd
- SHA512
  
  398c4c3b221a6efdc955a63fd73ffb50f20e39e785b872d5c503751d2d964bfc38165d245a64155d4c94609055b8b6a5c4d58e391326213cf1da4dc9b51202d0
- SSDEEP
  
  6144:HLv84FE/iF0AqLMyaQGQFTY51NUGtFAtUODQIL:HLPE/a0AqwXJTraGAtBD
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  setup/3dsetup/3dsetupm.exe
- Size
  
  266KB
- MD5
  
  77ed4f4585619b49ec1d93fd276ce2a9
- SHA1
  
  eb0fc219deb02de2958f9e3dba70156a4f843e7c
- SHA256
  
  4ddfaf5ffdfb76b25cd6f29e6be72f487adee36a3cb3a099fb5f9d5f009ea116
- SHA512
  
  b135c777a691da51d98c98609269e9b581a5ed41e15117ec8effbc51357eacfcf64d9a4563106a8e72cf4e4f67630267a0ac9e41ea828532bdf4a7e98b89d86e
- SSDEEP
  
  6144:XggYfSwUW0J20xvv988gneyoHrS+gpv5xGacl/IfdED:XP9wUW0J20x398b8HrS75x/qQf
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32